[oe] [meta-oe][kirkstone][PATCH] nodejs: fix CVE_PRODUCT

Gyorgy Sarvari via lists.openembedded.org Mon, 22 Dec 2025 06:54:01 -0800

The CVE_PRODUCT is set with a weak default assignment in the cve-check.bbclass,
which means that when the recipe uses +=, it overrides the original weak 
adefault
value instead of appending to it.


Set all applicable values in CVE_PRODUCT variable explicitly.

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb 
b/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb
index ca5deda99e..05a6706c10 100644
--- a/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb
+++ b/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb
@@ -44,7 +44,7 @@ SRC_URI[sha256sum] = 
"576f1a03c455e491a8d132b587eb6b3b84651fc8974bb3638433dd44d2
 
 S = "${WORKDIR}/node-v${PV}"
 
-CVE_PRODUCT += "node.js"
+CVE_PRODUCT = "nodejs node.js"
 
 # v8 errors out if you have set CCACHE
 CCACHE = ""

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#122789): 
https://lists.openembedded.org/g/openembedded-devel/message/122789
Mute This Topic: https://lists.openembedded.org/mt/116902143/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[oe] [meta-oe][kirkstone][PATCH] nodejs: fix CVE_PRODUCT

Reply via email to